>>>>> "Daniel" == Daniel Dehennin <daniel.dehennin at ac-caen.fr> writes: Daniel> Marco Gaiarin <gaio at sv.lnf.it> writes: >> 3) [complex, strong] use a PKI infrastructure where alla >> communication (clearly, usefoul one) are 'signed' with public >> keys. Daniel> Why not just having packages signed by a certificate Daniel> trusted by clients ? Daniel> Client download packages, verify the signature and install Daniel> if it's ok. Daniel> Setting up a local certificate authority, deploying it on Daniel> clients and sign packages is not so hard IMHO. That would be good, if you could sign and check everything from the server, including wpkg.js, packages.xml, any applications and/or data files used by installers from the server. It might get complicated... -- Brian May <bam at snoopy.apana.org.au> wpkg-users mailing list wpkg-users at lists.wpkg.org http://lists.wpkg.org/mailman/listinfo/wpkg-users |